ShareDAV/cmd_serve.go

117 lines
4.2 KiB
Go
Raw Normal View History

2020-10-18 11:17:29 +02:00
// Copyright (c) 2020, Andreas Schneider
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above copyright
// notice, this list of conditions and the following disclaimer in the
// documentation and/or other materials provided with the distribution.
// * Neither the name of the <organization> nor the
// names of its contributors may be used to endorse or promote products
// derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
package main
import (
"context"
"fmt"
"log"
"net/http"
"strings"
"github.com/go-chi/chi"
2020-10-18 11:17:29 +02:00
"golang.org/x/crypto/bcrypt"
"golang.org/x/net/webdav"
)
type CmdServe struct {
ListenAddress string `name:"listen-address" default:":3000" help:"Address to listen on for HTTP requests."`
WebDavPath string `name:"dav-path" default:"/dav" help:"Path to use for WebDAV requests."`
AdminPath string `name:"admin-path" default:"/admin" help:"Path to use for the admin interface."`
2020-10-18 11:17:29 +02:00
}
func (cmd *CmdServe) Run(app *app) error {
h := &webdav.Handler{}
h.Prefix = cmd.WebDavPath + "/"
2020-10-18 11:17:29 +02:00
h.LockSystem = webdav.NewMemLS()
h.FileSystem = BaseDir(app.DataDirectory)
authenticatedWebdavHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
writeUnauthorized := func() {
w.Header().Set("WWW-Authenticate", `Basic realm="ShareDAV"`)
http.Error(w, "unauthorized", http.StatusUnauthorized)
}
username, password, ok := r.BasicAuth()
if !ok {
writeUnauthorized()
return
}
usernameParts := strings.Split(username, "/")
if len(usernameParts) != 2 {
http.Error(w, "invalid username pattern", http.StatusBadRequest)
return
}
username = usernameParts[0]
loginName := usernameParts[1]
share, err := app.shareStore.FindShareByLogin(username, loginName)
if err == ErrShareNotFound {
writeUnauthorized()
return
} else if err != nil {
log.Printf("Cannot process login request: %v", err)
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
return
}
if err := bcrypt.CompareHashAndPassword([]byte(share.Password), []byte(password)); err != nil {
writeUnauthorized()
return
}
2020-10-18 11:29:07 +02:00
readonly := share.ReadOnly || share.Role == ShareRoleReader
2020-10-18 11:17:29 +02:00
directoryMapping := DirectoryMapping{
DataDirName: share.UUID.String(),
2020-10-18 11:29:07 +02:00
ReadOnly: readonly,
2020-10-18 11:17:29 +02:00
}
// Use the WebDAV handler to actually serve the request. Also enhance the context
// to contain the subdirectory (of the base directory) which contains the data for
// the authenticated user.
h.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), "mapping", &directoryMapping)))
})
r := chi.NewRouter()
r.Mount(cmd.AdminPath, newWebAdminHandler(app))
// Can't use Chi at the root, since it can't properly handle the mounted WebDAV
// handler. So we register Chi as the default handler, but delegate the WebDAV
// path with the default mux.
m := http.NewServeMux()
m.Handle("/", r)
m.Handle(h.Prefix, authenticatedWebdavHandler)
2020-10-18 11:17:29 +02:00
fmt.Printf("Listening on %s\n", cmd.ListenAddress)
if err := http.ListenAndServe(cmd.ListenAddress, m); err != http.ErrServerClosed && err != nil {
2020-10-18 11:17:29 +02:00
return fmt.Errorf("cannot listen: %w", err)
}
return nil
}